Unable to process redirect callback (Redirect Action)

I’m running into this error when attempting to hit the /continue URL of a PostLogin Action flow.

Unable to process redirect callback. This is often caused by calling the /continue endpoint with an invalid state parameter.

Context

Specifically, I’m attempting to migrate our use of the Auth0 Link Account Extension.

This old extension relies on rules, which are being deprecated. As far as I can tell, there is no official support from Auth0 to do account linking, and we must implement it ourselves.

Per guidance in the docs, I’m using a combination of PostLogin actions, and my own external app to provide a way for a user to automatically link accounts when logging in.

  1. User signs up with Username/PW via Auth0. They use the app.
  2. Later, User logs in with a secondary provider (e.g. google-oauth2)
  3. PostLogin action detects that this social login is a candidate for account linking
  4. PostLogin redirects social login user to an external app
  5. External app challenges User to verify Username/PW, and uses the Management API to link accounts together

At this point, I’m attempting to redirect the user back to /continue (with the same auth0DOMAIN and state param), where I will be able to call

api.authentication.setPrimaryUser(primaryUserId);

and complete the flow.

However, I keep landing on an Auth0 error page.

I found this post that mentions 3 possible causes for this problem (even if the state param matches). It would appear that I might be falling into the third scenario:

  • The account that the user just logged in with is linked as a secondary identity before the call to /continue.

There’s no solution listed for this issue in the post, and it would appear to contradict the suggested way to provide account linking with actions, so I’m a bit stuck.

Would appreciate any help or guidance from the Auth0 team!

Thanks,
Chris


Anyone have any ideas on the above?

I’ve come up with a workaround for now, but would still like to understand why the above error is happening when linking accounts.

Workaround

Instead of using the Management API in my external app to do the account linking, I use it to map the relevant data I need to the metadata on the linking auth0 user.

Since I haven’t performed any linking action in my external flow, the error I describe in the original post doesn’t occur, and I can successfully get to the onContinuePostLogin method in the PostLogin action. This appears to confirm my suspicion that the problem I was facing was “point 3”:

  • The account that the user just logged in with is linked as a secondary identity before the call to /continue.

Now, I can access the newly written metadata in onContinuePostLogin, and do the account linking directly in the action (as well as calling api.authentication.setPrimaryUser(primaryUserId);).
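The workaround described in this post, sketched as the continue half of a PostLogin Action. This is an added example, not code from the thread or from Auth0; the `pending_link` app_metadata key, its `expires_at` field and the `linkAccounts` wrapper around the Management API link call are assumptions.

```javascript
// Added example. PENDING_KEY and linkAccounts are assumptions, not Auth0 names.
const PENDING_KEY = 'pending_link';

// Decide whether the user returning to /continue carries a usable marker
// written by the external app. Returns { primaryUserId, secondary } or null.
function resolvePendingLink(event, now = Date.now()) {
  const marker = (event.user.app_metadata || {})[PENDING_KEY];
  if (!marker || typeof marker.primary_user_id !== 'string') return null;
  // A marker left over from an abandoned attempt must not link a later login.
  if (typeof marker.expires_at !== 'number' || marker.expires_at <= now) return null;
  // Linking a user to itself is never valid.
  if (marker.primary_user_id === event.user.user_id) return null;
  const identity = (event.user.identities || [])[0];
  if (!identity) return null;
  return {
    primaryUserId: marker.primary_user_id,
    secondary: { provider: identity.provider, user_id: String(identity.user_id) },
  };
}

// Build the continue handler. linkAccounts(primaryUserId, secondary) is a
// hypothetical async wrapper around the Management API call that links users.
function makeOnContinuePostLogin(linkAccounts) {
  return async function onContinuePostLogin(event, api) {
    const pending = resolvePendingLink(event);
    // No valid marker: leave the login as the unlinked social user.
    if (!pending) return 'skipped';
    // Link inside the Action, after /continue has been accepted.
    await linkAccounts(pending.primaryUserId, pending.secondary);
    api.authentication.setPrimaryUser(pending.primaryUserId);
    return 'linked';
  };
}

// In the Action editor: exports.onContinuePostLogin = makeOnContinuePostLogin(myLinker);
if (typeof module !== 'undefined') {
  module.exports = { resolvePendingLink, makeOnContinuePostLogin };
}
```

The external app should write the marker only after the user has passed the Username/PW challenge from step 5, since the Action treats its presence as proof of that verification.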

Hello!

We’re encountering the same issue with account linking. We’ve followed all steps in the documentation, but the problem persists. Our reproduction steps align closely with those described by @chris61.

It looks like the account linking to the primary account on the application side leads to state invalidation or something.

Could you provide any guidance or suggestions on resolving this?